A new class of processor chip vulnerabilities targeting the 'speculative execution' portion of Intel chips has been discovered by a group of researchers a few days back. These three vulnerabilities are named ZombieLoad, fallout, and RIDL (Rogue In-flight Data Load). These flaws are rated highly critical by the team of researchers who discovered them. ManageEngine Desktop Central now supports patches for the ZombieLoad vulnerability.

 

Name of the Vulnerability: ZombieLoad

Severity : Highly critical

Exploitation status : Not exploited

Affected systems : Every Intel chip manufactured after 2011

Fixes : Major OS vendors like Microsoft and Apple have released a temporary software fix. Intel is working on a permanent fix.

 

ManageEngine highly recommends its users to install the latest patches to secure the endpoints from 'ZombieLoad vulnerability'. 

 

You can install the latest patches by looking for Patch IDs for respective applicable OSs.

 

Patch IDs - Applicable OSs

Patch ID 106957 - Windows 10 Version 1709 for x64 

Patch ID 106956 - Windows 10 Version 1709 for x86 

Patch ID 106959 - Windows 10 Version 1703 for x64

Patch ID 106958 - Windows 10 Version 1703 for x86

Patch ID 106949 - Windows 10 Version 1507 for x64

Patch ID 106948 - Windows 10 Version 1507 for x86

Patch ID 106953 - Windows 10 Version 1607 for x64

Patch ID 106954 - Windows 10 Version 1607 for x86

Patch ID 106955 - Windows Server 2016 for x64

MAC-134 - 601901 - macOS Mojave 10.14.5 

MAC-140 - 601900 - macOS Mojave 10.14.5 Combo Update 

MAC-133 - 601902 - Security Update 2019-003 (High Sierra) 

MAC-130 - 601903 - Security Update 2019-003 (Sierra)